Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Boot sector
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Boot-sector viruses == Since code in the boot sector is executed automatically, boot sectors have historically been a common attack vector for [[computer virus]]es. To combat this behavior, the [[system BIOS]] often includes an option to prevent software from writing to the first sector of any attached hard drives; it could thereby protect the [[master boot record]] containing the [[partition table]] from being overwritten accidentally, but not the [[volume boot record]]s in the bootable partitions.<ref>{{cite web|title=Intel Desktop Boards BIOS Settings Dictionary|publisher=[[Intel]]|url=http://download.intel.com/support/motherboards/desktop/sb/biosglossarybymenu_v13.pdf|access-date=2013-09-01}}</ref> Depending on the BIOS, attempts to write to the protected sector may be blocked with or without user interaction. Most BIOSes, however, will display a popup message giving the user a chance to override the setting. The BIOS option is disabled by default because the message may not be displayed correctly in graphics mode and blocking access to the MBR may cause problems with operating system setup programs or disk access, encryption or partitioning tools like [[FDISK]], which may not have been written to be aware of that possibility, causing them to abort ungracefully and possibly leaving the disk partitioning in an inconsistent state.<ref group="nb" name="NB_FDISK_DRDOS"/> As an example, the malware [[Petya (malware)|NotPetya]] attempts to gain administrative privileges on an operating system, and then would attempt to overwrite the boot sector of a computer.<ref>{{Cite web|url=https://blog.talosintelligence.com/2017/06/worldwide-ransomware-variant.html|title=New Ransomware Variant "Nyetya" Compromises Systems Worldwide|website=blog.talosintelligence.com|date=27 June 2017 |access-date=2018-05-28}}</ref><ref>{{Cite news|url=https://www.ciodive.com/news/in-an-era-of-global-malware-attacks-what-happens-if-theres-no-kill-switch/447157/|title=In an era of global malware attacks, what happens if there's no kill switch?|work=CIO Dive|access-date=2018-05-28|language=en-US}}</ref> The [[Central Intelligence Agency|CIA]] has also developed malware that attempts to modify the boot sector in order to load additional drivers to be used by other malware.<ref>{{Cite news|url=http://www.securitynewspaper.com/2017/09/01/cia-developed-windows-malware-alters-boot-sector-load-malware/|title=CIA Developed Windows Malware That Alters Boot Sector to Load More Malware|date=2017-09-01|work=Information Security Newspaper|access-date=2018-05-28|language=en-US}}</ref> Another Malware that overwrites boot sector is the [[MEMZ]]
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)